Certicom's IPR statement dated 13 October 2008 lists some patents that "may be necessary and essential to implementations of..." the TLS extractor draft "when used with either: " RFC4492, RFC5289 or draft-rescorla-tls-suiteb. Check it out: http://www.certicom.com/images/pdfs/certicom%20-ipr-contribution-to-ietfsept08.pdf Don't use it with RFC4492, RFC5289 or draft-rescorla-tls-suiteb and then the IPR statement does not apply. If it's possible to use the TLS extractor draft in a way that the IPR statement doesn't apply then I don't think you can say "the TLS Extractor draft is patent-encumbered". I support free software* and I have no problem with this draft being advanced as a Proposed Standard. regards, Dan. * http://www.lounge.org/siv_for_openssl.tgz is a free version of RFC5297 for OpenSSL, and check out the "authsae" project on Source Forge. On Mon, July 20, 2009 12:15 pm, Dean Anderson wrote: > I am against this standard because of its patent encumbrances and > non-free licencing terms. The working group did not get any clear > answers on what particular patents this draft may infringe, but a patent > holder (Certicom) did assert an IPR disclosure (1004) listing many > patents. We have no alternative but to accept the Certicom disclosure > statements as meaning that the TLS Extractor draft is patent-encumbered > without a universal, free defensive license. > > The statement by https://datatrackerietf.org/ipr/1004/ referring to > http://www.certicom.com/images/pdfs/certicom%20-ipr-contribution-to-ietfsept08.pdf > which states: > > "Certicom will, upon request, provide a nonexclusive, royalty free > patent license, to manufacturers to permit end users (including both > client and server sides), to use the patents in schedule A when > implementing any of these protocols, including those requiring third > party certificates provided the certificate is obtained from a licensed > Certificate Authority (CA). This license does not cover the issuing of > certificates by a Certification Authority (CA)." > > That is not a free license, since Certicom must respond to the "request" > before any license is granted. After the IETF finally approves the > necessary standards, Certicom is free to stop approving the requests. > > I ask others who support free software to join me in opposing this > document by sending a message stating opposition to the IETF@xxxxxxxx > mailing list. IETF participation is open to the public, and anyone may > voice their view on IETF standards. It is also substantive to oppose a > document because of its patent status, and in fact, any topic that is > considered during or related to the IETF process is substantive. > > --Dean > > > On Mon, 20 Jul 2009, The IESG wrote: > >> The IESG has received a request from the Transport Layer Security WG >> (tls) to consider the following document: >> >> - 'Keying Material Exporters for Transport Layer Security (TLS) ' >> <draft-ietf-tls-extractor-06.txt> as a Proposed Standard >> >> The IESG plans to make a decision in the next few weeks, and solicits >> final comments on this action. Please send substantive comments to the >> ietf@xxxxxxxx mailing lists by 2009-08-10. Exceptionally, >> comments may be sent to iesg@xxxxxxxx instead. In either case, please >> retain the beginning of the Subject line to allow automated sorting. >> >> The file can be obtained via >> http://www.ietf.org/internet-drafts/draft-ietf-tls-extractor-06.txt >> >> >> IESG discussion can be tracked via >> https://datatracker.ietf.org/public/pidtracker.cgi?command=view_id&dTag=16821&rfc_flag=0 >> >> _______________________________________________ >> TLS mailing list >> TLS@xxxxxxxx >> https://www.ietf.org/mailman/listinfo/tls >> >> > > -- > Av8 Internet Prepared to pay a premium for better service? > www.av8.net faster, more reliable, better service > 617 344 9000 > > > > > > > > _______________________________________________ > TLS mailing list > TLS@xxxxxxxx > https://www.ietf.org/mailman/listinfo/tls > _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf